Security Boulevard

Centurion: Bring Your Own Execution Environment

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...
The Hacker News

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-23111 is a Linux kernel nf_tables use-after-free that lets an unprivileged local user escalate to root and escape a ...
heise online

Proxmox VE 9.2 with Dynamic Load Balancer and Linux Kernel 7.0

Proxmox Virtual Environment 9.2 introduces a dynamic load balancer, among other features, and expands SDN capabilities with WireGuard and BGP. Vienna-based Proxmox Server Solutions GmbH has released ...
ZDNet

The third major Linux kernel flaw in two weeks has been found - thanks to AI

Another bad Linux kernel bug has appeared. Fragnesia can give unauthorized users root powers. More open-source security bugs are likely coming. According to Linus's law, "Given enough eyeballs, all ...

Torvalds Tightens Linux Kernel Rules To Reject Deluge Of Low-Value AI Fixes

Linus Torvalds has tightened Linux kernel rules to reject low-value AI-generated fixes, pushing back against trivial patches flooding maintainers.
InfoQ

Oracle's OpenJDK Bans Generative AI Contributions While Oracle's GraalVM Allows Them

Two related, Oracle-backed projects published opposing policies on open-source contributions created with generative AI: The ...
SecurityWeek

19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access

Introduced in 2007, the CIFSwitch Linux kernel bug allows users to modify CIFS key description fields and gain root ...
Morning Overview on MSN

A new Linux kernel flaw called 'Fragnesia' lets local attackers gain root through page cache corruption

A vulnerability in the Linux kernel’s networking stack gives any user with local shell access a reliable path to full root ...
InfoWorld

AWS boosts CloudWatch Logs query limits by 10x to ease debugging for developers, SREs

The update will help developers and SREs investigate incidents faster and improve observability automation, while stopping short of replacing third-party SIEM platforms and offering direct cloud cost ...